package com.summer.safe.config.shiro;


import com.summer.safe.utils.MD5Util;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;

/***
 * 自定义密码校验
 */
public class CustomCredentialsMatcher implements CredentialsMatcher {

    /**
    **校验
    */
    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
        UsernamePasswordToken utoken=(UsernamePasswordToken) token;
        //获得用户输入的密码:(可以采用加盐(salt)的方式去检验)
        String inPassword = new String(utoken.getPassword());
        //获得数据库中的密码
        String dbPassword = (String) info.getCredentials();
        boolean b = MD5Util.validatePassword(inPassword,dbPassword);

        //进行密码的比对
        return b;
    }

}
